diff --git a/CHANGELOG.md b/CHANGELOG.md
index e5857caa7..2884825e2 100644
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -6,6 +6,8 @@ The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/).
 ## [unreleased]
 ### Security
 - Mastodon API: Fix display names not being sanitized
+- Rich media: Do not crawl private IP ranges
+
 ### Added
 - Add a generic settings store for frontends / clients to use.
 - Explicit addressing option for posting.
@@ -63,6 +65,8 @@ The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/).
 - Configuration: `skip_thread_containment` option
 - Configuration: `rate_limit` option. See `Pleroma.Plugs.RateLimiter` documentation for details.
 - MRF: Support for filtering out likely spam messages by rejecting posts from new users that contain links.
+- Configuration: `ignore_hosts` option
+- Configuration: `ignore_tld` option
 
 ### Changed
 - **Breaking:** bind to 127.0.0.1 instead of 0.0.0.0 by default
@@ -102,7 +106,6 @@ The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/).
 - Posts which are marked sensitive or tagged nsfw no longer have link previews.
 - HTTP connection timeout is now set to 10 seconds.
 - Respond with a 404 Not implemented JSON error message when requested API is not implemented
-- Rich Media: Added `ignore_hosts` and `ignore_tld` config params, that allow to set host and top level domain to ignore for crawl URLs from posts.
 - Rich Media: crawl only https URLs.
 
 ### Fixed